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1 Cryptograph y and data securit y 
Dorothy Elizabeth Robling Denning 
January 1982 Book 

Publisher: Addison-Wesley Longman Publishing Co., Inc. 

Full text available: *g| pdf(19.47 MB ) Additional Information: full citation , abstract , references , citings, index term 

From the Preface (See Front Matter for full Preface) 

Electronic computers have evolved from exiguous experimental enterprises in the 1940s to prol 
practical data processing systems in the 1980s. As we have come to rely on these systems to p 
and store data, we have also come to wonder about their ability to protect valuable data. 

Data security is the science and study of methods of protecting data in computer and communk 
systems from unauthorized disclosure ... 

2 Encr y ption and Secure Computer Networks 
Gerald J. Popek, Charles S. Kline 

^ December 1979 ACM Computing Surveys (CSUR), Volume u issue 4 
Publisher: ACM Press 

Full text available: ^| pdf(2.50 MB ) Additional Information: full citation , references , citin gs, index terms 
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£v Shai Halevi, Hugo Krawczyk 

V August 1999 ACM Transactions on Information and System Security (TISSEC), Volume 2 Issue : 
Publisher: ACM Press 

Full text available: ^ pdf(275.84 KB) Additional Information: full citation , abstract , references , citings, index term 

We study protocols for strong authentication and key exchange in asymmetric scenarios where 
authentication server possesses ~a pair of private and public keys while the client has only a w< 
human-memorizable password as its authentication key. We present and analyze several simple 
password authentication protocols in this scenario, and show that the security of these protocol: 
formally proven based on standard cryptographic assumptions. Remarkably, our analysis shows 
re ... 
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^ November 1992 ACM Transactions on Computer Systems (TOCS), volume 10 issue 4 
Publisher: ACM Press 

Full text available: ^|pdf( 3.37 MB) Additional Information: full citation , abstract , references , citings , index term 

We describe a theory of authentication and a system that implements it. Our theory is based on 
notion of principal and a "speaks for" relation between principals. A simple principal either has a 
or is a communication channel; a compound principal can express an adopted role or delegated 
authority. The theory shows how to reason about a principal's authority by deducing the other 
principals that it can speak for; authenticating a channel is one important application. We ... 

Keywords: certification authority, delegation, group, interprocess communication, key distribui 
loading programs, path name, principal, role, secure channel, speaks for, trusted computing ba: 

5 Introduction of the asymmetric cryptography in GSM, GPRS, UMTS, and its public key 
infrastructure integration 

Constantinos F. Grecas, Sotirios I. Maniatis, Iakovos S. Venieris 
April 2003 Mobile Networks and Applications, volume 8 issue 2 
Publisher: Kluwer Academic Publishers 

Full text available: *g| pdf(1 07.24 KB) Additional Information: full citation , abstract , references , index terms 

The logic ruling the user and network authentication as well as the data ciphering in the GSM 
architecture is characterized, regarding the transferring of the parameters employed in these * 
processes, by transactions between three nodes of the system, that is the MS, actually the SIM, 
visited MSC/VLR, and the AuC, which is attached to the HLR in most cases. The GPRS and the U 
architecture carry the heritage of the GSM's philosophy regarding the user/network authenticati 
the data ciphe ... 

Keywords: PKIs, PLMNs, asymmetric cryptography 
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Full text available: ^| pdf(2.33 MB) Additional Information: full citation , abstract , references , citings , index term 

We describe a theory of authentication and a system that implements it. Our theory is based on 
notion of principal and a "speaks for" relation between principals. A simple principal either has c 
or is a communication channel; a compound principal can express an adopted role or delegatior 
authority. The theory explains how to reason about a principal's authority by deducing the othei 
principals that it can speak for; authenticating a channel is one important application. We use t\ 

7 Just fast keyin g : Key ag reement in a hostile internet 

William Aiello, Steven M. Bellovin, Matt Blaze, Ran Canetti, John Ioannidis, Angelos D. Keromytis, ( 
Reingold 

May 2004 ACM Transactions on Information and System Security (TISSEC), volume 7 issue 2 
Publisher: ACM Press 
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We describe Just Fast Keying (JFK), a new key-exchange protocol, primarily designed for use in 
security architecture. It is simple, efficient, and secure; we sketch a proof of the latter property 
also has a number of novel engineering parameters that permit a variety of tradeoffs, most not- 
ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service 
attacks. 

Keywords: Cryptography, denial-of-service attacks 



8 Secret key distribution protocol using public key cry ptog raphy 
Amit Parnerkar, Dennis Guster, Jayantha Herath 

October 2003 Journal of Computing Sciences in Colleges, volume 19 issue l 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: *g| pdf( 74.93 KB ) Additional Information: full citation , abstract , refe rences , ind ex terms 

This paper presents the description and analysis of a protocol, which uses hybrid crypto algorith 
key distribution. A triple DES with a 168-bit key is used to generate the secret key. This secret 
transferred with the help of public key cryptography. The authentication process is accomplish^ 
using the message digest algorithm MD5. This protocol uses mutual authentication in which, bo 
participants have to authenticate themselves via a third trusted certificate authority (CA). Th ... 
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Yih-Chun Hu, Adrian Perrig, Marvin Sirbu 

August 2004 ACM SIGCOMM Computer Communication Review , Proceedings of the 2004 



conference on Applications, technologies, architectures, and protocols for con 
communications SIGCOMM '04, volume 34 issue 4 
Publisher: ACM Press 

Full text available: ^| pdf(236.82 KB) Additional Information: full citation , abstract , references , citings , index term 

As our economy and critical infrastructure increasingly relies on the Internet, the insecurity of tl 
underlying border gateway routing protocol (BGP) stands out as the Achilles heel. Recent 
misconfigurations and attacks have demonstrated the brittleness of BGP. Securing BGP has beo 
priority. In this paper, we focus on a viable deployment path to secure BGP. We analyze securitv 
requirements, and consider tradeoffs of mechanisms that achieve the requirements. In particulc 
study how to se ... 

Keywords: BGP, Border Gateway Protocol, interdomain routing, routing, security 

10 SPINS: security protocols for sensor networks 

Adrian Perrig, Robert Szewczyk, J. D. Tygar, Victor Wen, David E. Culler 
September 2002 Wireless Networks, volume 8 issue 5 
Publisher: Kluwer Academic Publishers 

Full text available: ^ pdf(213.37 KB) Additional Information: full citation , abstract , references , citings , index term 

Wireless sensor networks will be widely deployed in the near future. While much research has f< 
on making these networks feasible and useful, security has received little attention. We present 
of security protocols optimized for sensor networks: SPINS. SPINS has two secure building blocl 
SNEP and pTESLA. SNEP includes: data confidentiality, two-party data authentication, and evid« 
data freshness. pTESLA provides authenticated broadcast for severely resource-constrained ... 

Keywords: MANET, authentication of wireless communication, cryptography, mobile ad hoc nel 
secrecy and confidentiality, secure communication protocols, sensor networks 
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Qiang Huang, Johnas Cukier, Hisashi Kobayashi, Bede Liu, Jinyun Zhang 

September 2003 Proceedings of the 2nd ACM international conference on Wireless sensor 
networks and applications WSNA '03 

Publisher: ACM Press 

Full text available: ^| pdf(303.05 KB ) Additional Information: full citation , abstract , references , in dex terms 

In this paper, we consider efficient authenticated key establishment protocols between a sensor 
security manager in a self-organizing sensor network. We propose a hybrid authenticated key 
establishment scheme, which exploits the difference in capabilities between security managers ; 
sensors, and put the cryptographic burden where the resources are less constrained. The hybric 
scheme reduces the high cost public-key operations at the sensor side and replaces them with c 
symmetric- ... 

Keywords: elliptic curve cryptography, key establishment, security, sensor network 



12 Cry pto-based identifiers (CBIDs): Concepts and applications 
^ Gabriel Montenegro, Claude Castelluccia 

^ February 2004 ACM Transactions on Information and System Security (TISSEC), volume 7 issu 
Publisher: ACM Press 

Full text available: ^]pdf( 26276 KB ) Additional Information: full citation , abstract , references , citing s, index term 

This paper addresses the identifier ownership problem. It does so by using characteristics of Stc 
Uniqueness and Cryptographic Verifiability (SUCV) of certain entities which this document calls : 
Identifiers and Addresses, or, alternatively, Crypto-based Identifiers. Their characteristics allow 
severely limit certain classes of denial-of-service attacks and hijacking attacks. SUCV addresses 
particularly applicable to solve the address ownership problem that hinders mechani ... 

t Keywords: Security, address ownership, authorization, group management, mobile IPv6, oppo 
encryption 



Verifiable encryption of di g ital si g natures and a p plications 
Giuseppe. Ateniese 

February 2004 ACM Transactions on Information and System Security (TISSEC), volume 7 issu 
Publisher: ACM Press 

Full text available: l g) pdf( 258.12 KB) Additional Information: full citation , abstract , references , in dex term s 

This paper presents a new simple schemes for verifiable encryption of digital signatures. We me 
of a trusted third party (TTP) but in an optimistic sense, that is, the TTP takes part in the protoc 
if one user cheats or simply crashes. Our schemes can be used as primitives to build efficient fa 
exchange and certified e-mail protocols. 

Keywords: Certified e-mail, contract signing, digital signatures, fair exchange, proof of knowle- 
public-key cryptography 



14 Access management for distributed systems: Peer-to-peer access control architecture usir 
^ trusted computin g technolog y 
^ Ravi Sandhu, Xinwen Zhang 

June 2005 Proceedings of the tenth ACM symposium on Access control models and techn 
SACMAT '05 

Publisher: ACM Press 

Full text available: ^ pdf(215.48 KB) Additional Information: full citation , abstract , references , citing s, index term 

It has been recognized for some time that software alone does not provide an adequate foundal 
building a high-assurance trusted platform. The emergence of industry-standard trusted compu 
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technologies promises a revolution in this respect by providing roots of trust upon which secure 
applications can be developed. These technologies offer a particularly attractive platform for sec 
peer-to-peer environments. In this paper we propose a trusted computing architecture to enfon 

Keywords: access control, policy enforcement, security architecture, trusted computing 



A modular approach to the desi g n and analysis of authentication and ke y exchan ge protoc 
(extended abstract ) 

Mihir Bellare, Ran Canetti, Hugo Krawczyk 

May 1998 Proceedings of the thirtieth annual ACM symposium on Theory of computing S 
•98 

Publisher: ACM Press 

Full text available: ^|pdf( 1.61 MB) Additional Information; full citation , references , citin gs, index terms 



Analyzin g securit y protocols with secrecy types and lo gic programs 
Martin Abadi, Bruno Blanchet 

January 2005 Journal of the ACM (JACM), volume 52 issue l 
Publisher: ACM Press 

Full text available: |g| pdf( 438.64 KB) Additional Information: full citation , abstract , references , citing s, index term 

We study and further develop two language-based techniques for analyzing security protocols. ( 
based on a typed process calculus; the other, on untyped logic programs. Both focus on secrecy 
properties. We contribute to these two techniques, in particular by extending the former with a 
generic treatment of many cryptographic operations. We also establish an equivalence between 
techniques. 

Keywords: Cryptographic protocols, logic programming, process calculi, secrecy properties, ty| 



S pecial feature: Report on a working session on security in wireless ad hoc networks 
Levente Buttyan, Jean-Pierre Hubaux 

January 2003 ACM SIGMOBILE Mobile Computing and Communications Review, volume 7 issue 
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Full text available: 'gj pdfte.SO MB) Additional Information: full citation , references , citings 



18 Cryptogra phic tools: ID-based encryption for complex hierarchies with a p plications to forwc 

security and broadcast encryption 
^ Danfeng Yao, Nelly Fazio, Yevgeniy Dodis, Anna Lysyanskaya 

October 2004 Proceedings of the 11th ACM conference on Computer and communications s 
CCS '04 

Publisher: ACM Press 

Full text available: ^ pdf ( 220.00 KB ) Additional Information: full citation , abstract , references , index terms 

A forward-secure encryption scheme protects secret keys from exposure by evolving the keys v\ 
time. Forward security has several unique requirements in hierarchical identity-based encryptioi 
scheme: (1) users join dynamically; (2) encryption is joining-time-oblivious; (3) users evolve s< 
keys autonomously. 

We present a scalable forward-secure HIBE (fs-HIBE) scheme satisfying the above properties. V 
show how our fs-HIBE scheme can be used to construct a forward-secure ... 
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19 Security protocols: Certified mailing lists 



March 2006 Proceedings of the 2006 ACM Symposium on Information, computer and 
communications security ASIACCS '06 

Publisher: ACM Press 



Email List Services (or simply, mailing lists) are becoming increasingly common for collaborate 
computing. In order to enable their use for official purposes with increased effectiveness and se 
services typically provided by postal mail (e.g. fair delivery) need to be provided in mailing lists 
paper we propose a novel Certified Mailing-list Protocol (CMLP) that provides fair delivery, 
confidentiality, non-repudiation of origin and receipt, and authentication and integrit ... 

Keywords: certified delivery, mailing lists 
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